Does your organization actively monitor cyber threat intelligence sources for information about new vulnerabilities in your products and services?
Explanation
Monitoring cyber threat intelligence sources helps organizations stay informed about newly discovered vulnerabilities that could affect their products and services. This includes tracking security advisories, vulnerability databases (like CVE, NVD), vendor notifications, security blogs, and threat intelligence platforms to identify potential security issues before they can be exploited.
Evidence could include documentation of subscribed threat intelligence feeds, screenshots of monitoring dashboards, vulnerability tracking procedures, or reports showing how identified vulnerabilities were assessed for relevance to the organization's products and services.
Implementation Example
Monitor sources of cyber threat intelligence for information on new vulnerabilities in products and services
ID: ID.RA-01.151
Context
- Function
- ID: IDENTIFY
- Category
- ID.RA: Risk Assessment
- Sub-Category
- Vulnerabilities in assets are identified, validated, and recorded
Related questions
- Does your organization implement vulnerability management tools to detect unpatched software and misconfigurations?
- Does your organization regularly conduct security architecture reviews to identify and remediate design and implementation weaknesses?
- Does your organization conduct security reviews, analysis, or testing of internally developed software to identify vulnerabilities in design, code, and default configurations?
- Has your organization conducted a comprehensive physical security assessment of all facilities housing critical computing assets within the past 12 months?
- Does your organization regularly conduct vulnerability assessments of business processes and procedures to identify potential cybersecurity weaknesses?
- Has your organization configured cybersecurity tools to automatically ingest and operationalize threat intelligence feeds?

